Tool-based approaches to Software Security (2015) – Topics

Inspecting Google Android for Work

Google released a new enterprise solution for smartphone applications. The task for this seminar topic is to give a detailed conceptual overview of this enterprise solution, and to summarize the new programming paradigms for developing enterprise applications and the new security features introduced with Android for Work.
Suggested number of students: 2-3


Android Malware Evolution

The distribution of Android malware in comparison to other mobile operating systems is extremely high. Malware authors try to hide the malicious functionality of the app from anti-virus companies or the Google Play Store for as long as possible.
For this purpose, malware authors have applied different techniques and tricks. The task of the students is to trace the evolution of malware development on Android from the very beginning until today.
Requirements: Knowledge in IT-Security, experience in Android development
Suggested number of students: 1-3


An Evaluation of Anti-Analysis Techniques in Android Applications

There are many Android apps containing sensitive algorithms or functionalities (e.g. banking applications) that developers want to protect from reverse engineering. Unfortunately, there is no 100% protection against reverse engineering. The developer has to protect the app with different anti-analysis techniques that make reverse engineering harder and therefore more time-consuming. Various anti-analysis techniques for Android already exist, and the task of the students is to evaluate those techniques.
Requirements: Knowledge in IT-Security, experience in Android development
Suggested number of students: 1-3


An Evaluation of Android Reverse Engineering Frameworks

Every day many thousands of apps are uploaded to the Play Store. Google very recently released a blog post saying that every single app gets analyzed by an expert before the app gets added to the store (e.g. they check if the app is malicious).
There is no official information available about the internal “inspection” process, but it is very likely that they reverse engineer the apps with different tools. The task of the students is to evaluate different reverse engineering frameworks for Android.
Requirements: Knowledge in IT-Security, experience in Android development
Suggested number of students: 1-3


Enemy Beyond the Gates: A Study on Intrusion Detection and Honeypots

One worrying aspect of modern attacks on computer systems is that their targets are often unaware that they are being attacked, which limits their ability to defend themselves reactively. Intrusion detection systems (IDS) attempt to address this problem, yet they are clearly not perfect, as we still hear of systems being broken into. Honeypots are often used in conjunction with an IDS in an attempt to lure attackers into heavily-monitored decoy systems and profile their behaviour. The information acquired can then be used to further refine the IDS.
Your task is to describe the various techniques used in detecting and fingerprinting attacks, comparing their effectiveness, efficiency, strengths and weaknesses.
Suggested number of students: 1-3


CFI vs ROP

Control-flow integrity (CFI) looked quite promising with regard to stopping return-oriented programming (ROP). However, after examining current approaches, researchers found that they all share major drawbacks which strongly decrease their security. Your job will be to compare various approaches, identify their vulnerable points and make suggestions on how to improve them.
Suggested number of students: 1-3


ROP on ARM

While return-oriented programming (ROP) is the number one exploitation technique on x86 and therefore several mitigation techniques exist, ROP on ARM is a different topic. Your job will be to investigate the current state of ROP exploitation on ARM (Android and iOS) as well as mitigation techniques.
Suggested number of students: 1-3


Evaluating ROP Gadget Finders

Manually looking for gadgets which can be used for return-oriented programming (ROP) is extremely time-consuming and should be easy to automate. However, many different tools for this job exist. Your job will be to compare such tools with regard to performance, configurability, completeness, and other aspects.
Suggested number of students: 2-3
Background knowledge on exploits, especially ROP, is required! (I.e., you should have written at least one ROP exploit.)


Automatic Exploit Generation

Exploiting security vulnerabilities is a costly and labor-intensive manual activity. Recent research suggests that techniques from program analysis can support and eventually automate the task. Your job is to conduct a review of the literature on the topic, compare the different approaches and recognize promising research directions.
Suggested number of students: 1-3


Defense mechanisms against Collusion Attacks

The Android system protects access to sensitive data, such as GPS coordinates or SMS messages, with permissions. Thus, in order to access protected data, an Android application must declare the appropriate permission(s). Two Android applications can communicate with each other and could potentially collude to share their permissions. For instance, “app1 with GPS permission” could send the GPS data to “app2 with INTERNET permission”.
The tasks of the students are to search for, describe and evaluate existing solutions to detect and/or prevent application collusion. A solution could be, for example, a tool to analyze Android applications or a modification of the Android framework.
Suggested number of students: 1-3